Another awesome lineup of topics and speakers! Based on our poll results I'm catering to your preferences on topics, food, location, and meeting times.
We'll have food and drinks again (thank you Portworx!), but please RSVP so I get an accurate headcount. Also, Google no longer require vaccination for entry, but if you haven't before please message me your first and last name if it doesn't match your meetup handle.
6:00 pm: food / drink / networking
6:10 pm: Talk #1: OWASP top 10 for K8s, w Andrew Josephides
6:40 pm: Who's hiring?
7:00 pm: Talk #2: Multi-cloud, multi-cluster, w Michael O'Leary
7:50 pm: Talk #3: Data Protection with CI/CD, w Matt LeBlanc
8:30 pm: Finish (or head to bar for beers)
Speakers & topics
OWASP Top 10 for K8s, w Andrew Josephides
Andrew Josephides is the Director of Security Research at KSOC, who initiated the OWASP Top 10 for Kubernetes open source project.
Given the size and complexity of K8s deployments, K8s security blindspots present a significant challenge for teams. Like other OWASP Top-10 lists, this one provides an excellent starting point for tackling those challenges. This talk is aimed at helping security practitioners, system administrators, and software developers prioritize risks around the Kubernetes ecosystem.
Multi-cloud, multi-cluster, w Michael O'Leary
Michael O'Leary is a Solution Architect at F5, and the organizer of this meetup group.
Two of the topic requests from last meeting were "multi-cloud" and "mulit-cluster". This is a complex challenge that every business has. I'm going to show ways to address this at small or large scale. I'll demo F5's solution, and I will highlight alternatives too. I'll use the free tier and float an idea for a free, hands-on project that might be fun and certainly educational for members of this Meetup group.
Code being deployed can affect and change your data, and for that reason we need to consider protecting that data as part of our Continuous Development pipelines. In this session, we will focus on how we can incorporate backup actions into your pipeline to ensure that any code changes are secure. We will start by creating a restore point, be it a snapshot or an export to another external repository. We will then, as part of a demo, incorporate a failure scenario into the environment pipeline to simulate how a ConfigMap can manipulate data to cause data loss. Then we need a way to bring the data back!
Sorry, this event is in-person only, so please join us in Cambridge!